Transaction Token Issuing Authorities

ABSTRACT

Systems, methods, apparatus, processes, computer program code and means for conducting transactions are described which allow a first party to a transaction to identify a second party to a transaction.

CROSS REFERENCE TO RELATED APPLICATIONS

The present application is a continuation of U.S. patent applicationSer. No. 14/169,067 (filed on Jan. 30, 2014), and claims benefit of andpriority to, U.S. Provisional Patent Application Ser. No. 61/758,543(filed on Jan. 30, 2013), and is a continuation-in-part of U.S. patentapplication Ser. No. 13/768,156 (filed on Feb. 15, 2013), which is acontinuation of U.S. patent application Ser. No. 12/846,911 (filed onJul. 30, 2010), and claims benefit of, and priority to, U.S. ProvisionalPatent Application Ser. Nos. 61/362,567 (filed on Jul. 8, 2010) and61/322,477 (filed on Apr. 9, 2010); and this application is also acontinuation-in-part of U.S. patent application Ser. No. 13/731,348(filed on Dec. 31, 2012), which is a continuation of U.S. patentapplication Ser. No. 12/846,911 (filed on Jul. 30, 2010), the contentsof each of which are hereby incorporated by reference in their entiretyfor all purposes.

BACKGROUND

Recently, payment systems and payment approaches have been proposed inwhich users may conduct transactions using mobile devices. In certainapproaches, such as those proposed by the assignee of the presentinvention, users may conduct transactions using mobile devices having amobile payment application thereon. In the proposed transactions, a“token” (such as a checkout token, or ATM token) may be captured orcommunicated to the mobile device. The token is used by a transactionmanagement system to facilitate completion of the transaction betweenthe user of the mobile device and the transaction location. For example,the transaction management system may use information associated withthe token to identify the merchant (or the consumer) associated with thetransaction location and to identify pending transaction informationassociated with the transaction location.

In some embodiments of the system introduced by the assignee of thepresent invention, a token is used to link two entities that wish toengage in a transaction. The system described can be used to replace theuse of a magnetic stripe card and reader, which in the case of purchasetransactions is used to link together, for example, a purchasetransaction that is pending in a checkout lane at a store with thepayment credentials of a consumer who wishes to pay the merchant for thegoods associated with the pending transaction.

The transaction could be a purchase transaction, an ATM transaction, amoney transfer transaction, or an authentication transaction, a check inprocess, or any other transaction where information needs to beexchanged between two entities. In some embodiments it is a merchant anda buyer, in others it is two people, and in others it could be a personwanting to make their presence known to a retailer so that a gas pumpcan be automatically turned on, or so that a bartender at a bar can knowto automatically prepare their favorite drink.

It would be desirable to provide systems and methods which allowmultiple transaction management systems to be involved in transactions.Further, it would be desirable to allow multiple entities or systems toperform different transaction management functions while still enablingusers of mobile devices to conduct transactions in an efficient andreliable manner.

Further, it would be desirable to allow a device involved in atransaction to easily identify the appropriate transaction managementsystem as well as the correct path or communication channel to use tocommunicate with the appropriate transaction management system for eachtransaction. For example, in transactions in which a mobile devicecaptures a token associated with a point of transaction, the mobiledevice may perform processing to identify the appropriate transactionmanagement system for use in the transaction based on informationreceived from the token. As another example, in transactions in which atransaction terminal captures a checkout token from a mobile device, thetransaction terminal may perform processing to identify the appropriatetransaction management system for use in the transaction based oninformation received from the token.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram depicting portions of a system configuredpursuant to some embodiments.

FIG. 2 is a block diagram depicting portions of the system of FIG. 1configured pursuant to some embodiments.

FIG. 3 is a block diagram depicting portions of a system configuredpursuant to some embodiments.

FIG. 4 is a flow diagram depicting a process pursuant to someembodiments.

FIG. 5 is a block diagram depicting portions of a system configuredpursuant to some embodiments.

FIG. 6 is a block diagram depicting portions of a system configuredpursuant to some embodiments.

DESCRIPTION

Embodiments of the present invention relate to systems, methods,processes, computer program code, and means for conducting transactions.More particularly, some embodiments relate to systems, methods,processes, computer program code and means for operating a mobile deviceto conduct transactions with merchants, services providers and otherdevices (such as automated teller machines or “ATMs”). Pursuant to someembodiments, systems, methods, processes, computer program code andmeans for operating a mobile device to conduct a transaction includesdetermining a transaction token issuing authority associated with amerchant or point of transaction such that the mobile device maycommunicate with the appropriate entity (or entities) to conduct atransaction. In general, embodiments may be deployed in conjunction witha system such as that described by the inventors in their co-pending andcommonly assigned applications referenced above in which mobile devicesmay be used to conduct transactions by scanning, capturing, or otherwiseentering a code associated with a transaction. Features of someembodiments will be described in conjunction with a payment system inwhich a mobile device is used to conduct a transaction at a merchantlocation or point of interaction (or, in some embodiments, at anautomated teller machine, a kiosk, or the like).

Pursuant to some embodiments, multiple transaction management systems(or remote transaction management devices) may be associated with orused in a payment system of the present invention. For example, a firstmerchant may utilize the services of a first transaction managementsystem to process transactions, while a second merchant may utilize theservices of a second transaction management system to processtransactions. A consumer who carries a mobile payment device with amobile payment application according to the present invention, need notnecessarily know which transaction management system each merchant uses.However, pursuant to some embodiments, the mobile payment application onthe mobile device must know which transaction management system tocommunicate with during transactions associated with the presentinvention. Embodiments described herein provide techniques for allowingthe mobile payment application on a mobile device to determine whichtransaction management system to communicate with in order to conduct apayment transaction. Further, embodiments may also be used in situationswhere the merchant systems need to determine, based on informationreceived from a mobile device, the appropriate transaction managementsystem to communicate with. The result is a system which allows multipletransaction management systems to be involved in a payment system.Further, there may be multiple layers or sets of systems or entitiesthat perform aspects of a transaction management system, each of whichmay refer to other systems or entities as described further herein.

Pursuant to some embodiments, the functions of a transaction managementsystem may be performed by multiple entities or systems. For example,one or more wallet issuers may perform functions such as userauthentication and basic transaction management functions. One or moretoken issuing authorities may perform functions such as merchantauthentication and basic transaction management functions. In suchembodiments, when a consumer operates a mobile device to conduct atransaction with a merchant, the mobile device (and/or the mobile deviceoperating in conjunction with a wallet issuer) must determine whichtoken issuing authority issued a token on behalf of the merchant so thatthe transaction can be conducted between the consumer (operating themobile device) and the merchant. Embodiments allow such transactions tobe conducted. Other features and benefits will become apparent from thefollowing disclosure in which an initial description of transactionswill be provided by reference to FIG. 1 (where multiple transactionmanagement systems may be involved in transactions). Further transactiondetails will be provided in FIG. 2 (where multiple transactionmanagement systems may be involved). In FIG. 3, transaction details aredescribed where some of the functions of a transaction management systemare performed by one or more token issuing authorities and one or morewallet issuers. In FIG. 4, a wallet registration process is described(which may be performed between a user who wishes to configure a mobilepayment application on a mobile device and a transaction managementsystem or a wallet issuer). In FIG. 5, further details of a transactionprocess are described for situations where one or more wallet issuersand one or more token issuing authorities are involved in a transaction.

A number of terms are used herein for convenience and ease ofexposition. For example, the term “point of transaction” will be used togenerally refer to an entity, device or other object with which a useroperating a mobile device wishes to transact. For example, a “point oftransaction” may be a point of sale terminal at a merchant, a merchantwebsite, an ATM, a kiosk, another individual, an item with an identifiersuch as a QR code printed on it, or an item or object containing awireless device or beacon such as a Bluetooth beacon, NFC chip, audiodevice, or other device that can be used to initiate a transaction whenworking in conjunction with another device, or the like. Withoutlimiting the foregoing, and for convenience, as used herein, a “point oftransaction” may also be referred to simply as a “merchant”.

The term “token” will be used to refer to an identifier or informationthat is exchanged between devices involved in a transaction. Forexample, a token may be provided by a merchant point of transaction to amobile device during or associated with a transaction involving themerchant and the mobile device. As another example, a token may beprovided by an ATM to a mobile device during or associated with atransaction involving the ATM and the mobile device. As still anotherexample, a token may be provided by a customer to a point of interactionto initiate a transaction. A token may be provided in a number ofdifferent forms as will be described further herein. A token may beissued for use in a transaction in a number of different ways. Forexample, as will be described further herein, a token may be issued,generated or otherwise provided by a transaction management system or a“token issuing authority”.

The term “capture” will be used to refer to the act of scanning, readingor other obtaining of a “token” (an identifier used to facilitatetransactions pursuant to some embodiments). The term “capturing” (or“captured”) is not intended to be limiting, and is intended to encompassembodiments where a mobile device is operated to receive a token (ordata associated with a token) via key entry, via image capture, via RFIDreading, BLE/Bluetooth, NFC, and using other scanning, reading, or otherwired or wireless techniques described herein. Pursuant to someembodiments, the term “capture” further includes any decoding or imageprocessing of a token required to retrieve or otherwise obtaininformation from the token.

As another example, the term “wireless” is used to refer to unwiredremote communication techniques, such as, for example, using radiofrequency or other electromagnetic radiation based communicationtechniques (including RFID, wifi, Bluetooth/BLE, zigbee or othertechniques). Those skilled in the art, upon reading this disclosure,will appreciate that the use of these terms is not intended to belimiting, but for the purposes of exposition.

As another example, the term “transaction management system” refers to asystem operated by an entity to facilitate transactions involving mobiledevices and merchants, ATMs, or other devices. In general, a transactionmanagement system may be a transaction management system such asdescribed in U.S. Pat. Nos. 8,632,000 and 8,380,177. In general, atransaction management system may be a system which matches pendingtransaction information received from one device (such as a point oftransaction, a mobile device, or an item) associated with a first partywith information received from another device (such as a mobile device,a point of transaction, or the like) associated with a second party.Pursuant to some embodiments, the transaction management system performsthe matching using, at least in part, a token (such as a checkout tokenor ATM token). Once the pending transaction information is matched withthe user information, further processing may be performed to allowselection or identification of an appropriate or desired payment accountto be used to complete the transaction. In some embodiments, thetransaction management system may perform other functions. For example,a transaction management system may perform user and mobile deviceauthentication processing. A transaction management system may also beused to issue tokens for use in conducting transactions.

As used herein, a “transaction management system” may also be used todetect the presence of a user or device at a given venue and takeactions on their behalf. For example, upon a user's device determiningvia a Bluetooth beacon capability that broadcasts a token and which islocated near a particular retailer (where the token may be used todetermine the user's location on its own or in conjunction withgeolocation capabilities on the user's device), ATM or other point ofinteraction, the transaction management system may check the userassociated with a given device in with one or more points of interactionat that location. Checking in means that the point of interaction systemreceives some profile information about the user, such as their name,nickname, picture, loyalty program number, preferences for goods andservices that they frequently purchase. In addition, the check-inprocess can result in the point of interaction or personnel at the pointof interaction executing transactions on behalf of the user, such asautomatically performing a pre-authorization on a payment instrument fora predetermined amount so that a gas station pump (point of interaction)is ready for them to begin pumping gas, or to prompt a bartender toautomatically begin preparing a particular drink or have kitchen staffbegin preparing the user's favorite meal.

In some embodiments, the functions performed by a transaction managementsystem may be performed by separate entities. For example, as usedherein, a “wallet issuer” may perform functions such as authenticationof a user and a mobile device as well as certain transaction processingfunctions. As used herein, a “token issuing authority” or “token issuer”is used to refer to an entity, system or device that may performfunctions such as authentication and communication with a merchant, ATMor other point of interaction as well as certain transaction processingfunctions. As used herein, the term “directory service” may be used torefer to a service performed by or on behalf of any of a transactionmanagement system, a token issuing authority, and a wallet issuer (orother entity). A “directory service” may provide a service to allow alookup or mapping function to be performed (e.g., based on a token) todetermine which entity or entities a device (such as a mobile device ora merchant) should communicate with to perform transaction processing asdescribed herein. Details of such functions will be provided furtherbelow.

Features of the present invention will be described assuming the use ofthe payment systems described in our co-pending applications referencedabove, and the details of those systems will not be fully reiteratedherein. However, embodiments of the present invention are not limited touse in conjunction with the payment systems described in our co-pendingapplications.

Features of some embodiments of the present invention will now bedescribed by reference to FIG. 1, which is a block diagram of a system100 pursuant to some embodiments. More particularly, FIG. 1 is a blockdiagram of a system where multiple transaction management systems 130a-n are used. Each transaction management system 130 may performfunctions as described herein, or other functions that allow a mobilepayment application transaction to be processed in situations wheredifferent transaction systems are involved. In such a system, there maybe circumstances where a transaction at one merchant may requireinteraction with a first transaction management system, and atransaction at a second merchant may require interaction with a secondtransaction management system. Embodiments as depicted in FIG. 1 allowthe use of such multiple transaction management systems. Before adescription of how multiple transaction management systems, walletissuers and/or token issuing authorities will be used, a review of howtransactions may be processed will be provided. Further details ofdifferent types of transactions and transaction processing may beobtained by reference to the commonly assigned patents and applicationsincorporated by reference herein.

For convenience, various transactions will be described by reference tothe payment system 100 of FIG. 1, and for simplicity, will first bedescribed in situations where a single transaction management system 130is utilized. As shown, a payment account holder, buyer, or other user oroperator (hereafter, the “customer”) may have or use a mobile device 102(such as a mobile telephone or the like). The mobile device 102 has adisplay screen 136 and a data entry device 138 (such as a keypad ortouch screen). Pursuant to embodiments of the present invention, thecustomer may use the mobile device 102 to conduct a transaction with amerchant 108 (such as a payment, loyalty, return, or other transaction).The merchant 108 may be a physical storefront, electronic commercemerchant, or mail order and telephone (“MOTO”) merchant (or anotherperson or entity, or any other object capable of working in conjunctionwith the customer and/or the customer's device to initiate atransaction). Further, the merchant 108 need not be a “merchant”, butmay also be another individual (in the case of person to persontransactions), or a kiosk or other unattended device (such as anautomated teller machine (“ATM”)) or the like.

In a typical example transaction, a customer may purchase products orservices from the merchant 108 by first taking the products or servicesto a point of sale (e.g., such as a physical checkout counter, anelectronic shopping cart, or the like, generally referred to herein asthe “point of sale” or “POS”). The merchant 108 begins the checkouttransaction as normal, by totaling the items to be purchased (e.g., byusing a bar code scanner, key entry of product codes, or the like). Themerchant (acting through a clerk, a display screen, a POS terminalfacing the customer, or the like) then prompts the customer to select apayment option. In prior systems, the merchant might prompt the customerto select “credit”, “debit” or another payment option. Pursuant to thepresent invention, the merchant (acting through a clerk, display screen,a POS terminal facing the customer, or the like) may prompt the customerfor those options as well as a mobile payment option. If the customerselects the mobile payment option, features of the present invention areutilized to process the transaction.

In some embodiments, rather than requiring the customer to select themobile payment option by an action (such as by pushing a button on a POSterminal or communicating the choice to a clerk, etc.), the choice maybe made by the customer's act of scanning, capturing or entering acheckout identifier or “token” (as discussed below). For example, insuch embodiments, the action of capturing the token used in the presentinvention will cause the transaction to proceed pursuant to the presentinvention.

If the mobile payment option is selected, and once the purchase totalhas been generated, the merchant 108 transmits a merchant paymentauthorization request message to a transaction management system 130(via path 116). The merchant payment authorization request message mayinclude one or more pieces of data or information about the transaction.For example, the message may include one or more of a merchantidentifier, the amount due, and a token which, as will be describedfurther herein, is used to identify the merchant and the transaction forfurther processing.

A number of techniques may be used to generate or present the token. Forexample, in some embodiments, one or more tokens may be predefined orestablished for use with a given merchant 108 (e.g., the merchant 108could have a number of checkout tokens available to display or presentat the point of sale). In such embodiments, the merchant 108 wouldchoose a token for use with a given transaction. In some embodiments,such tokens may be generated or provided using a standardized format. Asan illustrative example, a merchant 108 may be issued or provided with arange of tokens or a predefined series or sequencing of numbers. As aspecific example, a merchant may be instructed to use a range of numbers(e.g., from “00000” to “99999”) as well as a sequencing or usage pattern(e.g., a specific checkout token may only be used in conjunction with asingle active transaction). In such an embodiment, the POS system wouldpass a selected token to the transaction management system 130. In otherembodiments, however, the tokens are issued or selected by thetransaction management system 130 and are provided to the merchant 108in response to a merchant authorization request message (as will bedescribed further below). Those skilled in the art will recognize thatother techniques for issuing, using and selecting tokens may be used. Insome embodiments, as will be described further below, a token may beissued by a “token issuing authority”.

Pursuant to some embodiments, the token is dynamically generated foreach transaction. In some embodiments, the token is a static identifierassociated with an individual checkout location (e.g., such as aspecific point of sale terminal or location, a specific ATM machine orother device, or with a small business person such as a plumber orelectrician who has no specific checkout location, or with anindividual). The merchant 108 causes the token to be displayed orpresented to the customer. For example, the token may be displayed on adisplay device associated with the merchant, or pre-printed on a placardor other display near the point of sale.

From the customer perspective, the payment process of the presentinvention may begin with the customer performing an authenticationprocess to confirm their identity and authority to conduct transactionsusing the present invention. The authentication process may be performedafter, or in some situations, prior to the customer's selection of themobile payment option at the point of sale. Pursuant to someembodiments, the authentication process serves to authenticate thecustomer to the transaction management system 130. The authenticationprocess may involve the customer launching a mobile payment applicationor a Web browser on the mobile device 102 and providing one or morecredentials or items of information to the transaction management system130 via communication path 114. For example, the authentication processmay involve the entry of a user identifier, a password, or othercredentials into a login screen or other user interface displayed on adisplay device 136 of the mobile device 102. The transaction managementsystem 130 compares the received information with stored information toauthenticate the customer. As will be described further herein,different transaction management systems 130 a-n may be involved, anddifferent mobile devices may interact with different transactionmanagement systems 130 a-n to perform this authentication process.Further, in some embodiments, the function of performing authenticationmay be performed by an entity that issued the mobile payment applicationused by the consumer. Such an entity may be referred to herein as a“wallet issuer”.

The authentication process, in some embodiments, also involves thecomparison of one or more attributes of the mobile device 102 with astored set of attributes collected from the mobile device 102 during aregistration process (such as the process of FIG. 3). For example, theattributes may include identifiers associated with the mobile device 102which uniquely identify the device. In this way, the customer isauthenticated two ways—with something they know (login credentials), andsomething they have (mobile device). Once the customer is successfullyauthenticated, then the system has access to a variety of attributesabout the customer, including a list of payment accounts that thecustomer previously identified to the transaction management system 130as part of the registration process. In some embodiments, as will bedescribed further herein, the authentication process is performedbetween a mobile device 102 and a wallet issuer.

After a successful authentication process, the customer is prompted toscan, capture (or otherwise enter) a token from a device associated withthe merchant 108 (shown as interaction 112 between the mobile device 102and the merchant 108). The token is used, as will be described furtherherein, to link messages from the mobile device 102 and the merchant108, and the transaction management system 130, so that transactionspursuant to the present invention may be accomplished. After capture ofthe token, the mobile device 102 transmits the token to the transactionmanagement system 130 in a customer transaction lookup request message(over communication path 114). The customer transaction lookup requestmessage includes the token captured by the mobile device 102.

Pursuant to some embodiments, either a “static” token or a “dynamic”token may be used. In an embodiment where a “static” token is used(e.g., such as one that is assigned for use by a specific point oftransaction location and which does not include any variable informationfor each transaction), the transaction management system 130 matches theinformation in the customer transaction lookup request (received fromthe mobile device 102) with the information in the merchant paymentauthorization request (received from the merchant 108) by matching thetoken information received in each of the messages. Once a match isfound, the transaction management system 130 transmits a transactiondetail message (via path 114) to the customer's mobile device 102. Theinformation from the transaction detail message provides the customerwith details about the transaction, including but not limited to theamount due, the name and location of the merchant (information containedin or derived from the merchant payment authorization request), andpossibly one or more marketing messages. In addition, the transactionmanagement system 130 may also send to the phone a list of paymentaccounts the customer has registered with the system, including credit,debit, checking, prepaid and other types of accounts. The list ofaccounts may include all of the accounts the customer registered withthe system, or it may include a subset of accounts, based on rulesestablished by the mobile payment network operator, the merchant, theissuer of each payment account, the customer, or another entity (e.g.,the list of accounts sent to the mobile device may only include thoseaccounts that may be used for the current transaction). Pursuant to someembodiments, the list of accounts may include only a single account or aplurality of accounts. Further, the list of accounts do not includeactual payment credentials—instead, the actual payment credentials arestored at (or accessible to) the transaction management system 130 (or,in some embodiments, the wallet issuer as will be described below). Inthis way, the mobile device 102 does not store sensitive payment accountinformation. For example, the list of accounts may simply includeidentifiers (such as proxies) allowing the transaction management system130 or wallet issuer to identify the actual payment credentialsassociated with each account of the customer. Now the customer can seeon the display 136 of their mobile device 102 the name of the merchantthey are about to pay, the amount to be paid, and a list of theirpayment accounts they can use to pay the merchant 108.

In some embodiments, the merchant's token may be derived from a uniqueidentifier in the merchant payment authorization request. For example,in cases where the merchant can't easily modify their system to pass thetransaction management system 130 a static token, such a derivation mayreduce or even eliminate the need for equipment upgrades and softwarechanges that might otherwise be required by a merchant adopting a newpayment method. The token may be derived using a mapping table whichmaps a merchant identifier, a terminal identifier, or other information(passed by the merchant system to the transaction management system 130)to a token. Based on the received identifier, a mapping process mayoccur to identify the appropriate token for use in that paymenttransaction. The selected token is associated with the transaction in amerchant transaction queue at the transaction management system 130 (orat the token issuing authority as described further below) where it ismade available to be matched with transactions from a customer messagequeue at the transaction management system 130 (or at a wallet issuer aswill be described further below). Those skilled in the art willrecognize that other matching and mapping techniques may also be used.In either event, the token is an identifier (consisting of a combinationof letters, numbers, and/or symbols) used to link a merchant paymentauthorization request to a payment authorization request received from acustomer operating a mobile device pursuant to the present invention.

In embodiments using a “dynamic” token (e.g., where the token isgenerated by either the merchant 108, the transaction management system130, or the token issuing authority before it is displayed on a displaydevice associated with the merchant during a checkout transaction, andwhere the token may include additional information about a transaction),checkout processing may proceed without a need for a customertransaction lookup request message to be transmitted to the transactionmanagement system 130. For example, in some embodiments, some or all ofthe transaction details may be encoded in a dynamic token which, whencaptured and processed by the mobile device 102, provides thetransaction details to the mobile device 102. Further details of both“static” and “dynamic” token embodiments may be discussed further belowor in the commonly assigned applications incorporated by referenceherein. In either event, however, the token is used to match messagesfrom the mobile device 102 with messages from the merchant 108 at thetransaction management system 130 (or at a combination of a walletissuer and a token issuing authority as described herein).

To complete the payment transaction, the customer then interacts withthe mobile device 102 to select a desired payment account to use in thepresent transaction, and causes a customer payment authorization requestmessage to be submitted (via path 114) to the transaction managementsystem 130. In some embodiments, the transaction management system 130transmits a payment authorization request message to the customer'smobile device, enabling the customer to have a final opportunity toconfirm or cancel the payment transaction, although this step isoptional. The customer's confirmation or cancellation is transmittedfrom the mobile device 102 as a customer payment authorization messageto the transaction management system 130 via path 114.

Once the payment authorization message from the customer's mobile deviceis received, the transaction management system 130 (or, in someembodiments, a wallet issuer or other entity as will be describedfurther below) creates an authorization approval request message fortransmission through one or more payment processing networks (not shownin FIG. 1) to cause the authorization, clearing and settlement of fundsfor the transaction. This request message includes information from themerchant payment authorization request such as the amount of thetransaction, or at least a pointer or reference to the relevant merchantpayment authorization request (received from the merchant 108) and apayment account identifier identifying the payment account selected bythe customer and previously stored in the transaction management system130 (and identified by a proxy or other identifier received from themobile device). The authorization approval processing is performed usingstandard financial authorization processing over one or moreauthorization networks (e.g., such as the VISANET® network operated byVisa, Inc., an Automated Clearing House system such as NACHA, or thelike, referred to in FIGS. 2, 3 5, and 6 below simply as “paymentprocessing”). Once the availability of funds is confirmed, thetransaction management system then sends the merchant paymentauthorization response message (via path 116) to the merchant so thetransaction can be completed at the point of sale. A customer paymentauthorization response message may also be displayed to the customer atthe point of sale and/or transmitted to the customer's mobile device.

Pursuant to some embodiments, as will be described further below, themerchant 108 is not provided with any actual payment credentials of thecustomer during the checkout process. Further, the mobile device 102never stores, sends or receives actual payment credentials. Instead, themobile device 102 stores or has access to a proxy associated with actualpayment credentials, and the proxy is used to identify a desired paymentaccount for use in a given transaction. The proxy is transmitted to thetransaction management system 130 (or, in some embodiments, to a walletissuer) in a customer payment authorization request message and thetransaction management system 130 (or, in some embodiments, to a walletissuer) uses the proxy to lookup or identify the actual paymentcredentials associated with the selected account. The actual paymentcredentials are then transmitted from the transaction management system130 (or, in some embodiments, from a wallet issuer) to an account issueror agent for authorization. By ensuring that actual payment credentialsare not revealed to or stored at a merchant 108 or mobile device 102,embodiments provide increased account security and reduced potential forfraud or abuse.

Pursuant to some embodiments, the mobile device 102 may be a smart phoneor a Web enabled mobile device such as, for example, an iPhone®, anAndroid® phone, or any phone that can access and display Web content oraccess the Internet. In some embodiments, the mobile device 102communicates with transaction management system 130 using a cellular orwireless network. In some embodiments, the transaction management system130 is a secure server (or network of servers). In some embodiments, thetransaction management system 130 (or, in some embodiments, a walletissuer and/or token issuing authority) is in communication with one ormore payment processing networks (not shown in FIG. 1, but shown inFIGS. 2, 3, 5 and 6 as “payment processing”) such as the VISANET®network operated by Visa Inc., the BANKNET® network operated byMasterCard International, or the like. The transaction management system130 (or, in some embodiments, a wallet issuer and/or token issuingauthority) may also be in communication with other financial transactionnetworks (such as ACH and EFT networks, private label networks,alternative payment systems such as PayPal®, or the like) to allowcustomers operating mobile devices 102 to conduct transactions using awide variety of different forms of payment instruments and accounts. Thetransaction management system 130 (or, in some embodiments, a walletissuer and/or token issuing authority) may further be in communicationwith one or more ad or offer management networks, such as those providedby Google®, Apple®, Yahoo®, Microsoft® or the like. As will be describedfurther below, data, including advertisements and offers may be receivedfrom those networks and presented to customers via the mobile device102.

In some embodiments, other devices may obtain a token and/or initiate atransaction. For example, in some embodiments, a customer operating amobile device 102 may obtain a token for use in a transaction, and thenprovide that token to another participant in the transaction (such as amerchant, another customer operating another mobile device, or thelike). Such a transaction flow may generally proceed as follows.

Pursuant to some embodiments, a transaction (such as a payment, loyaltyor other transaction) may be performed by a consumer operating a mobiledevice 102 to obtain a token from a transaction management system 130and then presenting the token to a point of interaction (such as amerchant 108, another mobile device, or the like). For example, once thetoken is obtained by the mobile device 102, the mobile paymentapplication may cause the token (or an encoded version of the token,such as in a QR code or the like) to be displayed on a display screen ofthe mobile device 102 for reading or capture by the point ofinteraction, transmitted to the point of interaction via a wirelesscommunication link, or the like. For example, a process at a merchant108 may proceed as follows (although other process flows may also beused with desirable results).

First, a clerk associated with the merchant 108 may scan items at a POSterminal and create an initial basket or set of items for purchase by acustomer operating a mobile device 102 (although the scanning of itemsmay occur after a token is generated and captured, in this illustrativeembodiment, for convenience, the scanning of items is described asoccurring first). A consumer, operating a mobile device 102 configuredwith a payment application pursuant to the present invention (and whohas registered one or more payment accounts with the transactionmanagement system 130 via a process such as that described below inconjunction with FIG. 4, for example) decides to use the mobile device102 to conduct the payment transaction at the merchant 108, andinteracts with the mobile device 102 to request a token for use in thetransaction. This request causes a message to be transmitted to atransaction management system 130. The message may also includeinformation authenticating the consumer as well as the consumer's mobiledevice (as described above), and the transaction management system 130uses the data from the message to create a pending transaction record inthe transaction queue as well as to generate a token for use in thetransaction.

The transaction management system 130 causes a message to be transmittedto the mobile device 102 which includes data associated with the tokenfor use in the transaction. The mobile device 102 (under control of thepayment application of the present invention) causes the token to bedisplayed on a display screen of the mobile device 102. The token may bedisplayed or presented in the form of a QR code, a bar code, Bluetoothor RFID signal, or the like, and the consumer is prompted to present thetoken to the merchant clerk or the merchant POS system for capture. Themerchant system 108, upon capturing the token from the mobile device102, associates the token with the pending transaction details (whichmay include the total transaction amount and other details of the itemsscanned) and transmits a process transaction request message to thetransaction management system 130 which includes the token informationas well as information about the transaction (which may include thetransaction amount, among other information). For example, the messagemay include data elements including: information identifying the token(received from the mobile device 102), information identifying thecashier, the POS terminal, the merchant 108, the location, thetransaction amount, and line item details of the items purchased. Thetransaction management system 130 uses the information from the processtransaction request message to identify the pending transaction in thetransaction queue and updates the transaction queue.

A request message may then be transmitted from the transactionmanagement system 130 to the mobile device 102 which includesinformation associated with the transaction received from the merchant108 including the transaction amount. Further, the message mayinformation identifying one or more available payment accounts of thecustomer which were identified by the transaction management system 130as being available for use by the customer in the specific transaction(e.g., by applying one or more merchant-specific rules, one or moresystem-specific rules, and one or more customer account rules). Thecustomer, interacting with the mobile device 102, selects an availablepayment account from the information received from the transactionmanagement system 130 and causes the selected account information and atransaction confirmation message to be transmitted to the transactionmanagement system 130.

Pursuant to some embodiments, some or all of these messages between themobile device 102 and the transaction management system 130 may be sentin one or more transaction sessions. That is, a session control isinitiated ensuring that the same mobile device 102 both requests thetoken and receives information about available payment accounts andselects an available payment account in a single transaction session. Inthis way, embodiments ensure that a different customer or user could notsomehow reuse or copy a different user's payment information. Inaddition, this approach ensures that the mobile device 102 thatinitiated the request for the token is the only device that can be usedto make a payment for the transaction identified in the message sentfrom the merchant 108 to the transaction management system 130.

The transaction management system 130, upon receipt of the selection ofa payment account and confirmation of the transaction, causes a paymentauthorization request message to be transmitted to payment processingsystems (not shown in FIG. 1, but shown in FIGS. 2, 3, 5 and 6). Thepayment authorization request message includes the actual paymentcredentials (identified based on the information received from themobile device 102), the transaction amount, and the merchantinformation. The transaction management system 130, upon receipt of anauthorization response from the payment processing systems, causes aconfirmation response message to be transmitted to the merchant 108 (aconfirmation response may also be transmitted to the mobile device 102).The pending transaction may also be removed from the transaction queue.In this way, a payment transaction may be performed by allowing a mobiledevice 102 to obtain a token for use in the transaction and to providethat token to a merchant 108 for use in the transaction. Thistransaction process may also be used in conjunction with the loyalty,discount, and other types of transactions. Further, the process may beused to conduct transactions at other types of merchant locations(including MOTO, Internet, or the like), at ATM machines or kiosks, andin person to person transactions.

Although the system depicted in FIG. 1 (and elsewhere throughout thisdisclosure) shows only a single mobile device 102 and merchant 108 thoseskilled in the art will appreciate that in use there will be a number ofdevices in use, a number of merchants using the system. Further,pursuant to some embodiments, multiple instances of the transactionmanagement system 130 (and, in some embodiments, wallet issuers andtoken issuing authorities) in operation.

As will be described further below, transactions conducted usingembodiments of the present invention have a number of desirableadvantages over existing payment methods. For example, customers areable to conduct payment transactions at a wide variety of merchantlocations using their mobile device. Further, the mobile device may beused to access a variety of held by the customer, allowing the customerto select the most appropriate or desirable payment account for eachtransaction. Using features of the present invention, merchants need notundertake costly hardware retrofit or replacements, as embodiments mayutilize existing point of sale systems and hardware. In addition, payingwith embodiments of the present invention can be more secure thanexisting payment methods, as it is possible to require that eachtransaction be authenticated using two items—user information (such as auser identifier and/or password, or a PIN) known to the customer, aswell as unique attributes associated with the mobile device the customeruses to initiate the transaction. Other benefits and advantages willbecome apparent to those skilled in the art upon reading thisdisclosure.

Pursuant to some embodiments, the system 100 includes a plurality oftransaction management systems 130 a-130 n. Each (or some) merchant 108may have an association or relationship with one or more transactionmanagement systems 130 a-130 n, and the customer operating the mobiledevice 102 need not know which of the transaction management systems 130a-130 n is involved in any given transaction. Similarly, each mobiledevice 102 may communicate with a number of different transactionmanagement systems 130 a-130 n, and the merchant or point of transactionneed not necessarily know which of the transaction management systems130 a-n is involved in any given transaction prior (until suchinformation is discerned during the transaction as described herein).

As described in the co-pending applications, a purchase or othertransaction process pursuant to some embodiments includes thegeneration, scanning or capturing of a token associated with the pointof transaction. In some embodiments, this token may be dynamicallygenerated for use in individual transactions at specific merchants orlocations. The scanning or capturing of the token by the mobile device102 causes information to be transmitted to a transaction managementsystem 130 for use in completing a transaction. Pursuant to someembodiments, data associated with the token may be used in conjunctionwith identifying or selecting an appropriate payment account for thetransaction. As disclosed herein, data associated with the token mayalso be used to determine which transaction management system 130 a-nthe mobile device should communicate with in order to retrieveinformation about a transaction at a merchant (such as, for example,information identifying the amount due, the retailer name, or the like).

Pursuant to some embodiments, the mobile device 102 (or, the merchant108, in situations where a token is provided from the mobile device 102to the merchant system in a transaction) can use any of a number ofdifferent methods to determine which transaction management system 130a-n to contact during a given transaction. For example, in someembodiments, when the mobile device 102 scans or captures the token at apoint of sale, the token may include an identifier or other informationthat may be used by the mobile payment application to contact theappropriate transaction management system 130 a-n. The identifier orother information may be, for example, a URI or URL encoded directly inthe token and which is used by the mobile application on the mobiledevice 102 to determine the path to reach the appropriate transactionmanagement system 130 a-n.As an illustrative example, the URLhttps://paydiant.com/tms/production may be included directly in thetoken along with the token value itself. In such an embodiment, the URLor URI may be encoded using an URL encoding scheme such that the mobilepayment application may efficiently and accurately decode the URL or URIfrom the token as well as the value of the token.

As another illustrative example of information that may be contained ina token, a formatted URL string may be encoded in a token (e.g., the URLstring may be encoded in a QR code, or the like) for capture andprocessing by a mobile payment application. A formatted URL string mayhave a structure as follows:https://hostname/ipaddress>:<port>/<tokenIssuingAuthorityIdentifier>kissuedToken>/<transactionMetaData>.An example string following this format may be:https://176.64.73.134:8663/pydt/y7uyjhd7/USD/3400. The transaction metadata that may be carried in this string may be, for example (and withoutlimitation) information such as: the currency of the transaction, anamount of the transaction, and a merchant identifier.

As another illustrative example of information that may be contained ina token, a URI based identifier may be encoded in a token (e.g., the URIbased identifier may be encoded in a QR code, or the like) for captureand processing by a mobile payment application. The token may be analpha numeric token such as “3ab0f564-82b5-4846-83a0-604c44989c59”. Thisstring could be used to lookup the appropriate transaction managementsystem (or wallet issuer/token issuing authority) for interaction. Atokenized string identifier may also be used. For example, the tokenizedstring may be formatted in a number of ways, including as anillustrative (but not limiting) example:<tokenIssuingAuthorityIdentifier>:<issuedToken>:<transacti-onMetaData>.

In a further embodiment, the token may include an identifier that isused to lookup the appropriate path to reach or communicate with theappropriate transaction management system 130 a-n. For example, themobile payment application installed on the mobile device 102 may beprovisioned with a lookup table (which may be updated or modified fromtime to time) with one or more identifier/path pairs. For example, themobile payment application may store a table such as the example Table Ibelow:

TABLE-US-00001 TABLE 1 Identifier Path ABC123https://paydiant.com/tms/production XYZ567https://visa.com/tms/production

In the illustrative examples in Table 1, if the mobile device 102interacts with a merchant 108 that uses the Paydiant transactionmanagement system 130, the token captured by the mobile device 102 fromthe merchant 108 may include the identifier “ABC123” as well as thevalue of the token. The mobile device 102, upon receiving the token,performs a lookup to determine that the path to use to communicate withthe transaction management system is the path associated with identifierABC123 (in the example, the appropriate path will behttps://paydiant.com/tms/production). If the mobile device interactswith a merchant 108 that uses the Visa transaction management system130, the token captured by the mobile device 102 from the merchant 108may include the identifier “XYZ567” as well as the value of the token.The mobile device 102, upon receiving the token, performs a lookup todetermine that the path to use to communicate with the transactionmanagement system is the path associated with identifier XYZ567 (in theexample, the path will be https://visa.com/tms/production).

In some embodiments, rather than (or in addition to) using a lookuptable stored on the mobile device 102, an external service may be usedto retrieve the appropriate path. For example, the mobile device 102 mayinteract with a merchant device 108 and may scan or capture a tokenpresented by the merchant. The token may be encoded to include both anidentifier and a token value, and the identifier may be used as aparameter in a web service call made by the mobile device 102 toretrieve the path to the appropriate transaction management system 130a-n. In this manner, the mobile device 102 need not store or maintain alookup table, but need only make a call to a predetermined webserviceendpoint that will return the path information associated with atransaction management system identifier. In some embodiments, acombination of a lookup table and a webservice call may be used (e.g.,if an identifier is not available or included in a lookup table storedat the mobile device 102, the mobile device 102 may make a call to a webservice endpoint to retrieve the appropriate path information to thetransaction management system 130).

In some embodiments, one entity or device (such as a transactionmanagement server, a token issuing authority, or the like) may act as adirectory service. For example, a token may encode or containinformation including a URI or URL (or other address) to the directoryservice. When the directory service is contacted with the token valueassociated with a transaction, the directory service may operate toidentify or provide one or more other URIs, URLs (or other addresses)which may be used by a device (such as a mobile device 102, a merchant108, another transaction management system 130, or the like) to obtainfurther information associated or usable with the transaction. As anillustrative, but not limiting, example, a directory service contactedabout a particular transaction (identified by the token value) mayprovide a first address at which merchant data associated with thetransaction may be obtained, a second address at which transactionreceipt data may be obtained (e.g., after completion of thetransaction), and a third address at which authorization data associatedwith the transaction may be obtained. Each of these additional addressesmay be obtained by a device or entity having the address of thedirectory server as well as a valid token value. In some embodiments,interaction with the directory server may be controlled (e.g., such thatonly authorized entities or devices may obtain the information from thedirectory service). Additional levels of relationships may also be used.For example, a token issuing authority may provide an address associatedwith transaction details, and that address may refer to another deviceor entity for additional transaction details, and that address may referto additional information associated with the transaction.

In some embodiments, no values from the token itself may be needed todetermine the appropriate transaction management system 130 to use. Forexample, the mobile device 102 or merchant 108 may follow one or morerules based on any number of factors, such as the time of day, day ofweek, current transaction volume at a point of interaction, dollaramount of a purchase, or any other factor to determine which transactionmanagement system 130 to use. The mobile device 102 or merchant 108 mayalso have a default transaction management system 130 setting (whichdefines a default transaction management system 130 to be used in caseswhere no specific transaction management system 130 is specified inconjunction with a token), and the transaction management system 130might be able to be changed based on one or more rules that evaluatedata that could include one or more data items from the token or a dataitem from any other data source.

As a further embodiment, the token captured by the mobile device 102 mayinclude an identifier which may be decoded by the mobile paymentapplication on the mobile device 102 to deduce the path to the relevanttransaction management system 130 a-n. For example, an algorithm couldbe used to convert an identifier received in the token to a path to theappropriate transaction management system 130. As an illustrativeexample, a simple identifier of “VIP” may be used to construct a path ofhttps://visa.com/1/production based on the following schema: the “V” inthe first position of the identifier maps to the domain “visa.com”, the“1” in the second position of the identifier maps to a directory havingthe same name, and the “P” in the third position of the identifier mapsto a “production” subdirectory. Similar schemes and mapping may be usedto produce a wide variety of URL/URI schemes, allowing the mobilepayment application on the mobile device 102 to efficiently identify thecorrect path to communicate with the appropriate transaction managementsystem 130. Those skilled in the art, upon reading this disclosure, willappreciate that other techniques for determining an appropriate path toa transaction management system may also be used.

In some embodiments, the functions performed by a transaction managementsystem 130 may be performed by one or more entities. For example, insome embodiments, the functions performed by a transaction managementsystem 130 may be performed by a wallet issuer and a token issuingauthority. In some embodiments, the functions performed by a walletissuer may include, for example, functions related to user management,user authentication, and some basic transaction management. Thefunctions performed by a token issuing authority may include, forexample, functions related to merchant management, merchantauthentication, and some basic transaction management. There may be anumber of different wallet issuers (e.g., which issue mobile wallets toa plurality of consumers and which manage user related functions forthose consumers) as well as a number of different token issuingauthorities (e.g., which interact with different merchants to facilitatetransactions pursuant to the present invention). Features of suchembodiments will now be described by reference to FIG. 2.

Further details of some aspects of a system according to someembodiments of the present invention will now be described by referenceto FIG. 2. FIG. 2 is a block diagram of an example payment systemnetwork environment showing communication paths between a mobile device202, merchants 208, one or more transaction management systems 230 andpayment processing systems 232. Mobile device 202 may be, for example, amobile telephone, PDA, personal computer, or the like. For example,mobile device 202 may be an iPhone® from Apple, Inc., a BlackBerry® fromRIM, a mobile phone using the Google Android® operating system, or thelike. Pursuant to some embodiments, mobile device 202 may operate apayment application allowing mobile device 202 to operate as a paymentdevice as described herein. In some embodiments, mobile device 202 iscapable of accessing and displaying Web content or otherwise accessingthe Internet so that a customer operating mobile device 202 may interactwith one or more transaction management systems 230 to initiate atransaction via a Web interface.

Mobile device 202 of FIG. 2 can, for example, communicate over one ormore wired and/or wireless networks 201. As an example, a wirelessnetwork can be a cellular network (represented by a cell transmitter215). A mobile device 202 may communicate over a cellular or otherwireless network and through a gateway 216 and then communicate with anetwork 214 (e.g., such as the Internet or other public or privatenetwork). An access point, such as access point 218 may be provided tofacilitate data and other communication access to network 214. Accesspoint 218 may be, for example, compliant with the 802.11g (or other)communication standards. For example, in embodiments in which a mobiledevice 202 is operating a payment application which allows mobile device202 to function as a payment device pursuant to the invention, thepayment application may cause or control communication of data throughnetwork 201 to one or more transaction management systems 230.

In some embodiments, mobile device 202 may engage in both voice and datacommunications over wireless network 214 via access point 218. Forexample, mobile device 202 may be able to place or receive phone calls,send and receive emails, send and receive short message service (“SMS”)messages, send and receive email messages, access electronic documents,send and receive streaming media, or the like, over the wireless networkthrough access point 218. Similar communications may be made via network215.

In some embodiments, a mobile device 202 may also establishcommunication by other means, such as, for example, wired connectionswith networks, peer-to-peer communication with other devices (e.g.,using Bluetooth networking or the like), etc. Mobile device 202 can, forexample, communicate with one or more services over networks 201, suchas one or more transaction management systems 230 (to conduct paymenttransactions, to create, edit, view or otherwise modify payment accountsettings and preferences, etc.), the Web 240, and other services 242.Mobile device 202 can also access other data over the one or more wiredand/or wireless networks 201. For example, content providers, such asnews sites, RSS feeds, web sites, blogs, social networking sites,developer networks, etc., can be accessed by mobile device 202. Suchaccess can be provided by invocation of a web browsing function orapplication (e.g., a browser) in response to a customer launching a Webbrowser application installed on mobile device 202. In some embodiments,a user may utilize a Web browser to interact with one or moretransaction management systems 230 to register payment accounts,establish account preferences, perform payment transactions, etc.

Mobile device 202 has a display screen 236 and a data entry device 238(such as a keypad or touch screen, or voice interface). Pursuant toembodiments of the present invention, the customer may use the mobiledevice 202 to conduct a purchase transaction with a merchant 208 (or anATM transaction with an ATM, or any other transaction supported by thesystem of the present invention). Merchant 208 may be a physicalstorefront, electronic commerce merchant, or MOTO merchant (or anotherperson or entity). Mobile device 202, in some embodiments, also has acamera (not shown) or other image capture device which allows the mobiledevice 202 to capture an image or representation of a token 210. Mobiledevice 202, in some embodiments, also has a wireless receiver (notshown) or other wireless signal receiving device which allows the mobiledevice 202 to capture a wireless signal representation of a token 210.For example, a customer may operate mobile device 202 to take a digitalpicture or capture the image of a token 210 displayed on or at amerchant point of sale device to initiate a payment transaction usingthe present invention. The captured image is shown as item 237 on thedisplay screen 236. As will be described further below, the token 210may be used to initiate and conduct transactions with a merchant.

Merchant 208 may operate one or more merchant systems 209 to processpayments and transactions, including, as will be described, paymenttransactions pursuant to the present invention (as well as “traditional”or standard payment transactions involving cash, standard payment cards,or the like). Merchant system 209 may be a networked point of salesystem (such as for a physical retail location) or it may be a shoppingcart system (such as for an electronic commerce or Internet retaillocation). In the case where the “merchant” is an ATM device, merchantsystem 209 may further be an ATM network or the like. Merchant system209 may further be a combination of systems designed to allow a merchantto accept payments for goods or services. In some embodiments, merchantsystem 209 may be in communication with one or more point of saledevices 212 which have display devices 213 for presenting and receivinginformation from customers. For example, in the situation where themerchant 208 is a physical retail location, a merchant system 209 may bein communication with a number of different point of sale devices 212each of which is located at a different checkout lane or location withinthe store (or in different stores in different geographical locations).Each of the point of sale devices 212 may present, display, orcommunicate transaction information to customers at the point of sale(or “POS”) so that the customer can approve or authorize purchases andpresent payment for the purchases.

As another example, where the merchant 208 is an Internet or otherelectronic commerce merchant, the merchant system 209 may be a Webserver (or a network of servers, some of which may be Internetaccessible) configured to process purchase transactions associated withmerchant 208. Point of sale devices 212, in such an example, may be anumber of remote terminals interacting with merchant system 209 such as,for example, personal computers, mobile devices, or the like that areable to interact with the merchant system 209 via a network such as theInternet. Because embodiments of the present invention are capable ofinitiating and conducting transactions for both physical and remotetypes of merchants, the point of sale, point of purchase, or interactionbetween a buyer and merchant may be referred to as the “point of sale”or “point of interaction” herein.

Pursuant to embodiments of the present invention, a token 210 isdisplayed on or near the point of sale. The token 210 may be either a“static” token or a “dynamic” token. In situations where static tokensare used, the token may be printed, displayed, or provided near thepoint of sale location (such as on a sticker or placard displayed so thecustomer can easily see and read or capture the token). Static tokens210 may be printed as a bar code image, as an alphanumeric identifier,or in other forms. In some embodiments, tokens may be presented in formswhich are easily discernable by a human so that they may be bothkey-entered or captured using a mobile device 202. In embodiments wherestatic tokens are used, an additional processing step may be performed(as will be described further below) in order to provide the mobiledevice 202 with detailed information about the transaction.

In embodiments where dynamic tokens are used, the token may be displayedon a display device 213 associated with a point of sale device 212. Adynamic token may be generated to include transaction information (e.g.,such as the purchase amount, etc.) and may, in some embodiments, involvefewer messages between the mobile device 202 and the transactionmanagement system 230 during a payment transaction. The token 210 may beencoded or displayed as a bar code image, as an alphanumeric identifier,as a wireless signal, or in other forms to allow the token 210 to becaptured as an image (e.g., using a camera or scanner associated withthe mobile device 202). The token 210 may also be key entered by acustomer of the mobile device 202 or be captured by a wireless receiverassociated with the mobile device 202. In some embodiments, a mobiledevice may be operated in conjunction with multiple types of tokens 210(e.g., a mobile application may be capable of capturing a token 210using image capture, wireless receiving, or key entry, depending on howthe token 210 is presented at a point of sale).

The display device 213 could be an LCD (or other display technologies)display (e.g., such as those currently available at many merchants insystems such as the Hypercom 4150 terminal, or the Verifone MX870terminal or the like). The use of the token 210 in transactions pursuantto the present invention will be described further below. In general,however, the token 210 is used by the transaction management system 230to match a payment request from a mobile device 202 with a paymentauthorization request from the merchant 208 to complete a paymenttransaction using information stored at, or accessible to, thetransaction management system 230. In embodiments where the token 210 isa dynamic token, the token may further be used to communicatetransaction details from the merchant 208 to the mobile device 202.

In a typical example transaction, a customer may purchase products orservices from the merchant 208 by first selecting mobile payment as apayment option, performing an authentication process with a paymentapplication on a mobile device 202 (or via a Web browser interactingwith transaction management system 230), capturing a token 210 from adevice associated with the merchant 208 (such as from a display 213 of apoint of sale device 212), receiving transaction details and a paymentaccount list or list of preferred or eligible accounts from thetransaction management system 230, selecting a payment option on themobile device 202, and submitting a customer payment authorizationrequest to a transaction management system 230 over a network 201.

The selection of a payment option involves receiving informationidentifying one or more payment accounts available to the customer. Theavailable payment accounts may be those specified by the customer duringa registration process such as the process described further below inconjunction with FIG. 4. Pursuant to some embodiments, the presentationof the different payment account options may include applying one ormore rules or preferences to a list of available payment accounts sothat the customer is presented with the account(s) that are best suitedor available for the current transaction. The customer selects thepayment account (or accounts, in the case of a split tender transaction)to use and the information is transmitted to the transaction managementsystem 230. In some embodiments, all of the customer's available paymentaccounts may be displayed to the customer after the customer has beenauthenticated.

In some embodiments, the list of accounts later received from thetransaction management system 230 (after it processes the customertransaction lookup request) may include additional metadata orinformation associated with each payment account (e.g., such as thecurrent available account balance, any special offers available if theaccount is used in the current transaction, etc.). In some embodiments,the list of accounts later received from the transaction managementsystem 230 may include fewer accounts based on the application of rulesat the transaction management system 230 (e.g., such as the applicationof one or more customer, merchant or system rules). For example, a rulemay specify that a specific payment account not be used for low dollarvalue transactions. In such a case, that specific payment account wouldnot be included in the list of accounts sent from the transactionmanagement system in response to the customer transaction lookuprequest. Put another way, the list of payment accounts received from thetransaction management system 230 after it processes the customertransaction lookup request may be a subset of all the accounts thecustomer has registered.

Substantially at the same time, the merchant 208 transmits a merchantpayment authorization request message to the transaction managementsystem 230 over a network 220. The transaction management system 230matches the customer payment authorization request (received from themobile device 202 over network 201) with the merchant paymentauthorization request (received from the merchant 208 over network 220)by using the token 210.

In some embodiments where a dynamic token 210 is used, no transactiondetails need be received by the mobile device 202 from the transactionmanagement system 230—instead, some or all of the transaction detailsmay be provided to the mobile device 202 via data encoded or otherwisecontained in the dynamic token 210. In some embodiments, the mobiledevice 202 requests or receives some or all of the transaction detailsfrom the transaction management system even where a dynamic token isused.

In some embodiments, the transaction management system 230 thentransmits a customer payment confirmation request message to thecustomer's mobile device 202, enabling the customer to have a finalopportunity to confirm or cancel the payment transaction. For example,the customer may be prompted to “confirm” or “cancel” the paymenttransaction. The prompt may provide additional information about thetransaction and the selected payment account so the customer can havedetailed information about the transaction before selecting “confirm” or“cancel”. In some embodiments, customers may be given the opportunity toset preferences or otherwise configure the mobile payment application toenable or disable certain messages or transaction steps. As a specificexample, customers may be given the opportunity to receive (or notreceive) customer payment confirmation request messages.

Once the final confirmation to proceed with the payment has beenreceived from the customer's mobile device 202, the transactionmanagement system 230 creates an authorization approval request messagefor transmission through one or more payment processing network(s) 232to cause the authorization, clearing and settlement of funds for thetransaction. This request message includes the transaction details, suchas the amount of the transaction or other information, from the merchantpayment authorization request (received from the merchant 208) and theactual payment credentials associated with the payment account selectedby the customer. The actual payment credentials may be obtained by usingthe payment account selection information and performing a lookup ofactual payment account credentials previously stored in a database orlocation accessible to the transaction management system 230. Theauthorization approval processing may be performed using standardfinancial authorization processing over one or more payment processingnetworks 232 (e.g., such as the VISANET® network operated by Visa, Inc.,an Automated Clearing House system such as NACHA, or the like). Once theavailability of funds is confirmed, the transaction management systemthen sends a merchant payment authorization response message to themerchant 208 so the transaction can be completed at the point of sale212, and a customer payment authorization response message to thecustomer's mobile device 202.

As described above, similar processing may occur in situations where themobile device 202 is used to obtain a token from a transactionmanagement system 230, and where the merchant 208 (or other mobiledevice, or other point of interaction device) captures the token fromthe mobile device 108.

In some embodiments, a payment system pursuant to the present inventionmay include multiple entities that perform different processingfunctions that would normally be provided by one or more transactionmanagement systems as described above. For example, in some situations,it may be desirable for multiple entities (referred to herein as “walletissuers”) to issue and manage mobile payment applications pursuant tothe present invention. For example, a financial institution or otherentity may choose to issue and manage the task and functions ofproviding mobile payment applications to its customers. This can resultin multiple wallet issuers participating in the payment system of thepresent invention. Similarly, a financial institution or other entitymay choose to provide token issuing functions on behalf of one or moremerchants. That is, an entity may have an existing relationship with amerchant and may already have integrated with or access to the merchantspoint of sale and other merchant systems. The entity may wish to offertoken issuing functions to the merchant. This can result in multipletoken issuing authorities participating in the payment system of thepresent invention.

One exemplary system is shown in FIG. 3 which is similar to the systemshown in FIG. 2 except that one or more token issuing authorities 250and one or more wallet issuers 260 are shown instead of a transactionmanagement system 230 (however, in some embodiments, one or moretransaction management systems 230 may still be utilized in the systemoperating in conjunction with the one or more wallet issues 260 and theone or more token issuing authorities 250). As shown in FIG. 3, thewallet issuer 260 may be in communication with a mobile device 202 viaone or more network paths. In general, the wallet issuer 260 and eachmobile device 202 operating a mobile payment application issued by thewallet issuer 260 may be in communication (for example, the mobilepayment application may be coded to ensure reliable interaction andcommunication between the mobile device 202 and the relevant walletissuer 260). Further, the token issuing authority 250 is incommunication with one or more merchants 208 via one or more networkpaths. In some transaction embodiments and scenarios, there may furtherbe communication between wallet issuers 260 and token issuingauthorities 250 (e.g., to complete a transaction involving bothentities). Further, while the wallet issuer 260 is shown as being incommunication with one or more payment processing networks 232, in someembodiments, token issuing authorities may also be in communication withone or more payment processing networks 232. Further details oftransactions involving these entities will be provided below inconjunction with the discussion of FIG. 5.

Pursuant to some embodiments, before a customer can use a mobile device(such as the mobile device 202 of FIG. 3) to conduct a purchasetransaction using the present invention, the customer must perform aregistration process such as the process described in conjunction withFIG. 4. Data collected or provided in association with the process 400may be stored at or be accessible to one or more databases associatedwith a transaction management system such as system 230. Further,pursuant to some embodiments, a separate wallet issuer 260 may storedata collected or provided in association with the process 400.

The registration process 400 of FIG. 4 begins when a customer first (at402) interacts with a registration server (which may be a component of,or related to, transaction management system 230 of FIG. 2 or walletissuer 260 of FIG. 3) to initiate a registration process. For example,the customer may operate an Internet browser (either on a mobile deviceor another computing device) to access a registration Web pageassociated with the registration server or use functionality in a mobileapplication to complete the registration process. The registration Webpage may request the customer provide some identifying information tobegin the account creation process. For example, a customer may providename, address and other contact information as well as contactpreferences, including one or more email addresses and phone numbers. Acustomer identifier or other unique record (or records) may beestablished in a database associated with or accessible to a transactionmanagement system 230 or a wallet issuer 260. A customer identifier maybe used to uniquely identify the customer. The customer identifier maybe an alphanumeric identifier assigned by the transaction managementsystem 230 (or the wallet issuer 260, depending on the embodiment) ormay be information based on or provided by the customer (e.g., such as amobile phone number or identifier associated with a mobile device 202).

Processing continues at 404 where the customer establishes an accountrelationship with the transaction management system 230 (or the walletissuer 260, depending on the embodiment). In some embodiments, theaccount creation includes providing contact and identifying informationassociated with the customer, as well as information identifying one ormore mobile device(s) from which the customer wishes to maketransactions. Each mobile device 202 may, for example, be identified byits phone number and/or other unique identifier(s) (such as a hardwareserial number, an ASIN, a Advertising Identifier in the case of aniPhone, a component serial number such as a CPU serial number or thelike). In some embodiments, where the customer registers from a browseron their mobile device, or by first downloading a payment applicationhaving a registration module onto their mobile device, the system maycapture unique identifying information associated with the mobile device(e.g., such as a hardware serial number, an ASIN, a AdvertisingIdentifier or other device identifiers).

Processing continues at 406 where the customer provides informationabout one or more payment devices or payment accounts that the customerwishes to have associated with the payment system of the presentinvention. Put another way, the customer provides information about oneor more payment accounts that the customer wishes to associate with thecustomer's account relationship with the transaction management system230 (or wallet issuer 260, depending on the embodiment). For example,the customer may enter information about one or more credit cards, debitcards, gift cards, bank accounts, checking accounts, or the like. Theinformation about each account includes the actual payment credentialsor sufficient information to process a transaction using the account.For example, with respect to a credit or debit card, the information mayinclude: the primary account number (or PAN), the expiry date, and theverification code. With respect to a bank account, the information mayinclude: the routing number and the account number. Other information,such as bank or issuer information may also be entered at 406.

As an illustrative example, a customer named “Jane” has entered detailsabout four of her payment accounts that she would like to be able toutilize in conjunction with the present invention, including: a ChaseCredit Card, having a primary account number (or “PAN”) of #######, anda card expiration date of 05/12, a Webster Bank Checking account havingan ABA number of ####### and an account number of ########, a WebsterBank Visa debit card having a PAN of ######## and a card expiration dateof 06/11, and a Starbucks gift card having a PAN of ###### and anexpiration date of 8/10. Additional account identifying information maybe provided as required (e.g., in some embodiments, for payment cards, acard verification number may also be provided). The data obtained duringprocessing 400 may be, for example, securely stored in a PCI compliantdatabase. In some embodiments, by securely storing payment card data(including expiry date and verification codes), payments made using thepresent invention may qualify for reduced interchange as “card present”transactions. Pursuant to some embodiments, a customer may add, removeor update account information as needed.

Processing continues at 408 where the customer may optionally establishone or more preferences or rules associated with the use of one or moreof the accounts entered at 406. For example, the customer may designateone of the accounts as the “primary” or default account. Other rules andpreferences may also be set to enable accounts to be selected and usedin an efficient and logical manner. For example, a customer may specifypriorities or other account-based rules to indicate how a particularpayment account should be treated with respect to other paymentaccounts. A customer may also specify spend limitations or balancerequirements that govern how and when a payment account is to bepresented as an option. A customer may also specify the order in whichaccounts are displayed on the mobile phone, based on what merchant theyare purchasing from, or the funds available in each account, or therewards received for using each account.

In some embodiments, a rule (such as a customer-specified rule), maycause a payment process to proceed more quickly, or with fewer customersteps. For example, a customer may specify that when making a purchase(or a certain type of purchase, such as a purchase below a certaindollar amount) at a specific merchant, that a default payment account beused. In such situations, a purchase transaction using the presentinvention may proceed without need for the customer to select or confirmthe selection of a payment account—it is done automatically byapplication of the customer-specified rule.

Those skilled in the art will appreciate, upon reading this disclosure,that a wide variety and type of account-level rules may be specified toallow a customer to manage how (and when) payment accounts are presentedas payment options.

In the illustrative embodiment introduced above, the customer named“Jane” has specified the following account preferences: (i) she wants toreduce the use of credit, and (ii) she wants to reduce transaction fees.Jane has also specified rules to be applied when specific paymentaccounts are analyzed for use in a given transaction: (i) her Starbucksgift card balance should be used where possible (having been assignedthe highest priority), (ii) her checking account or the debit cardassociated with her checking account should be used as the secondhighest priority (although she prefers not to use the checking accountif a transaction would reduce her balance to below $1,000), and (iii)her credit card should be the final payment option, having the lowestpriority.

When Jane uses her mobile device to conduct a transaction using thepresent invention, the transaction management system 230 (or the walletissuer 260) will compare the rules and preferences Jane has specified tothe details of the transaction to recommend which payment account(s) areavailable for the transaction. For example, if Jane uses her mobiledevice to purchase a cup of coffee at Starbucks, the transactionmanagement system will let her know that she can use her Starbucks giftcard for the purchase. In this manner, customers having a variety ofpayment accounts may be presented with choices of payment options thatare based on their overall preferences and usage objectives. Further, apayment account that is unavailable or unsuitable for a particulartransaction may be identified as such by the transaction managementsystem 230 (or the wallet issuer 260) so that the customer need not bepresented with that payment account as an option (e.g., if Jane ispurchasing gas at a gas station, she will not be presented with theStarbucks gift card as a payment option for that transaction).

In some embodiments, processing may continue at 410 if the customeroperates or uses mobile devices that are capable of operating anapplication that is associated with the present invention (such as aniPhone or an Android phone). At 410, the customer is prompted todownload and install an application on their mobile device. Theapplication allows the customer to operate their mobile device toquickly and easily conduct payment transactions pursuant to the presentinvention. For phones or devices that are not capable of running such anapplication, a link or Web page may be created or provided to thecustomer that may be accessed via a mobile phone browser, so that thecustomer can conduct payment transactions pursuant to the presentinvention.

Once a customer has established an account relationship with thetransaction management system 230 (or the wallet issuer 260, dependingon the embodiment) and registered one or more payment accounts with thetransaction management system 230 (or wallet issuer 260), the customermay utilize the system of the present invention to conduct purchasetransactions at merchants that support transactions of the presentinvention.

In some embodiments, such as the embodiment depicted in FIG. 3,different entities, systems or devices may perform different transactionmanagement functions. For example, in some embodiments, there may bemultiple wallet issuers 260 and multiple token issuing authorities 250interacting with multiple transactions involving multiple mobile devices202 and multiple merchants 208 (or other points of interaction, such asATMs, other mobile devices, or the like). For example, some consumersmay obtain their mobile payment applications on their mobile devices 202from their financial institution or other entity, and the financialinstitution or other entity may act as (or use an agent to perform thefunction of) the wallet issuer 260 for those consumers. Some merchants208 may choose to interact with certain token issuing authorities 250but not others. Or, a merchant 208 may use a single token issuingauthority 250. Each of these choices result in a combination of entitiesparticipating in a given transaction between a consumer and a merchant208 and pose a technical challenge to allowing all participants toengage in transactions without issues. Embodiments provide systems andmethods for allowing transactions to occur despite the potentially largeand diverse number of participants.

Reference is now made to FIG. 5 where a further system diagram is showndepicting portions of a system 500 in which a consumer operating amobile device 102 conducts a transaction with a merchant 108. In theillustrated system 500, the mobile device 102 operates a paymentapplication (which may have been installed and configured through aprocess such as that shown in FIG. 4) provided by a wallet issuer 260.In the illustrated system, the merchant 108 has a relationship orotherwise interacts with one or more token issuing authorities 250 a-250n. For example, a merchant 108 may have a relationship with one or moreentities (such as a financial institution, merchant acquirer, point ofsale system vendor, or the like) which it trusts to provide tokens fortransactions conducted pursuant to the present invention. In such asystem, without features of the present invention, it would betechnically challenging to allow a transaction to proceed. Details ofsome embodiments for allowing a transaction to proceed will now bedescribed by following the processing steps shown in FIG. 5 and whichare indicated as items “1”-“6”. While only 6 primary interactions areshown, in some embodiments, each interaction may include multiplemessages or communications between devices. For convenience and ease ofexposition, only the top level interactions are shown in FIG. 5;however, various implementation options will be described in thefollowing.

As shown, a consumer operating a mobile device 102 wishes to conduct atransaction with a merchant 108. For example, the customer may be at acheckout lane of a merchant in which the items to be purchased have beenrung up by a clerk, and the customer may have indicated a desire to paywith his mobile application. The selection of the mobile payment optionmay cause the merchant systems to request a token for the transaction.In the example, the merchant 108 uses several different token issuingauthorities 250 a-n (for example, the merchant 108 may use token issuingauthority 250 a for certain types of transactions, and token issuingauthority 250 b and 250 n for others). This is shown for illustrativepurposes only—those skilled in the art, upon reading this disclosure,will appreciate that many merchants may interact with only a singletoken issuing authority 250.

In the illustrative embodiment shown in FIG. 5, the merchant 108 hasseveral relationships, and in the depicted transaction (at theinteraction labeled as “1”), requests issuance of a token from tokenissuing authority 250 b. The request may be requested in a message suchas a merchant payment authorization request message which transmitsinformation associated with the pending transaction to the token issuingauthority 250 b. Upon receipt of the merchant payment authorizationrequest message, the token issuing authority 250 b generates orotherwise identifies a token for use in the transaction. The tokenissuing authority 250 b may also create a pending transaction recordassociated with the token. In some embodiments, the pending transactionrecord may include information including a merchant identifier, aterminal identifier, a transaction amount, and other data associatedwith the pending transaction. Pursuant to some embodiments, the tokengenerated or obtained by the token issuing authority 250 b includesinformation usable to identify token issuing authority 250 b. Asdiscussed above, such information may include a formatted URL string(providing a URL to the token issuing authority 250 b as well as othertransaction related information in some embodiments), a URI basedidentifier, a tokenized string identifier, or the like. The token(including the token identifier and the information for identifying thetoken issuing authority) is returned to the merchant 108 forpresentation or communication to the mobile device 102.

Those skilled in the art, upon reading this disclosure, will appreciatethat in some embodiments, the token and information for identifying thetoken issuing authority may also be pre-stored or made available locallyat the merchant 108.

The merchant 108 may display or otherwise present the token as a QR codeor via other means and the customer may be prompted to capture the tokenusing their mobile device 102 (shown as the interaction at “2”). Oncecaptured, the mobile payment application on the mobile device 102 may beoperated to decode the token to obtain the information contained therein(shown as the interaction at “3”). In some embodiments, the decoding ofthe token may involve cooperative processing between the mobile device102, the mobile payment application, and the wallet issuer 260 thatissued the mobile payment application, or some other device. Thedecoding of the token can result in any or all of the following: theidentification of the particular token issuing authority 250 b thatissued the token, the actual token value, as well as any meta dataprovided with the token value.

At this point in the transaction, the token issuing authority 250 b hasa pending transaction record containing the transaction details receivedfrom the merchant 108. The pending transaction record may be identifiedusing the token issued or otherwise provided by the token issuingauthority 250 b. However, the token issuing authority 250 b may not knowany information at this point regarding the customer or the paymentmechanism to be used by the customer. The customer (via the mobilepayment application on the mobile device 102) may have information aboutthe pending transaction to the extent provided in the meta data decodedat “3”, and also has a token value as well as information usable toidentify the token issuing authority 250 b. The wallet issuer 260 hasauthenticated the customer and the mobile device 102 and also hasinformation associated with the token received or captured by the mobiledevice 102. In general, at this point, the wallet issuer 260 also knowsthe identity of the token issuing authority 250 b. The wallet issuer 260may also know certain items of meta data associated with the transaction(if those items were provided in conjunction with the token). Forexample, consider an illustrative example where the token was encodedwith a formatted URL string having the following format:https://<hostname/ipaddress>:<port>ktokenIssuingAuthority-Identifier>kissuedToken>ktransactionMetaData>.The string received by the mobile device 102 at “2” and decoded at “3”may reveal the following formatted URL string:https://176.64.73.134:8663/pydt/y7uyjhd7/USD/34000/MID01001, whichallows the mobile device 102, the mobile payment application, and thewallet issuer 260 to discern that the appropriate token issuingauthority 250 b to interact with is a token issuing authority accessibleat https://176.64.73.134:8663 and identified as “pydt”. The token usableto identify the pending transaction record is “y7uyjhd7” and thetransaction is in US Dollars in the amount of $3,400 at a merchantidentified as “MID01001”. Further, the wallet issuer 260 may havelocation and other data received from the mobile device 102.

In some embodiments, processing at “3” may not result in the mobiledevice 102 having transaction information. For example, in someembodiments, the token obtained at “2” from the merchant 108 may notinclude meta data (such as data identifying a transaction amount, or thelike). In such situations, one or more further interactions may berequired. For example, one such further interaction is shown asinteraction “4” where the mobile device 102 interacts with the walletissuer 260 with a request for transaction details. Processing at “4” mayinclude the mobile device 102 providing the wallet issuer 260 with thetoken value as well as information usable to identify the token issuingauthority 250 b. The wallet issuer 260 may issue a request to the tokenissuing authority 250 b requesting transaction details associated withthe pending transaction record associated with the token value obtainedby the mobile device 102 at “2”. Once processing at “4” (in the casewhere the token obtained at “2” had no or insufficient meta dataassociated with the transaction), or processing at “3” (in the casewhere the token obtained at “2” did have sufficient meta data associatedwith the transaction), the processing may continue as described below.

The wallet issuer 260, interacting with the mobile payment applicationon the mobile device 102 may proceed to perform processing to determinewhich payment account(s) of the customer may be used in the transaction.For example, the wallet issuer 260, which stores the customer'spreferences and rules, may determine that only several payment accountsof the customer are available for use at the merchant identified by“MID01001” (or based on the merchant type and location). The walletissuer 260 may also determine that only certain payment accounts areavailable for use to complete transactions in US Dollars in the amountof $3,400.The wallet issuer 260 may interact with the mobile paymentapplication to inform the customer which payment accounts are availablefor use in the pending transaction and obtain a customer selection ofone or more payment accounts for use in completing the transaction.

Once the customer has selected the desired account and has confirmed oraccepted the transaction on their mobile device 102, processing mayproceed with an interaction “5” where either the mobile device 102, thewallet issuer 260 or a combination of the mobile device 102 and thewallet issuer 260 communicate with the token issuing authority 250 b toobtain a transaction authorization from one or more payment processingnetworks 280 for the transaction and provide the transactionauthorization to the appropriate token issuing authority 250 b. Suchinteraction at “5” may involve a number of messages. For example, oncethe customer has selected a desired payment account(s) for use incompleting the transaction, a message is transmitted identifying thedesired payment account(s) to the wallet issuer 260 (which message,according to some embodiments, does not include actual payment accountcredentials but rather a proxy or identifier usable by the wallet issuer260 to retrieve or identify the actual payment account credentials). Thewallet issuer 260 constructs a payment authorization request messagewith information including: the actual payment account credentials (suchas a PAN, account number, validation or verification data, expiry date,etc.), the transaction amount, and the merchant identifier. The paymentauthorization request message is then transmitted to one or more paymentnetworks for authorization processing. If the transaction is authorized,the wallet issuer 260 may receive an authorization code andauthorization response message, which are then transmitted to theappropriate token issuing authority 250 b along with the token.

The token issuing authority 250 b, upon receipt of the authorizationcode and authorization response, uses the received token to identify thepending transaction record and performs processing (at “6”) to interactwith the merchant 108 to complete the transaction. For example, insituations where the payment is authorized, the token issuing authority250 b may transmit information confirming the transaction wassuccessfully completed so the merchant 108 can cause a transactionreceipt to be printed at the point of interaction. The wallet issuer 260may also cause a transaction receipt or other information to betransmitted to the mobile device 106.

In some situations, it may not be possible for the wallet issuer 260 toobtain a payment authorization from the payment processing networks 280based on the information available to the wallet issuer 260. Forexample, in some embodiments, the token issuing authority 250 may notprovide additional metadata associated with a transaction (such as amerchant identifier and/or a transaction amount). In such cases,embodiments may be provided in which further communication between thewallet issuer 260 and the token issuing authority 250 may be required.For example, in some embodiments, once the wallet issuer 260 hasobtained a token from the mobile device 102, the wallet issuer 260 mayestablish communication with the token issuing authority 250 to obtainthe missing meta data (including, for example, a merchant identifier andtransaction amount). The wallet issuer 260 may then proceed as above andobtain a payment authorization from the payment processing networks 280.

In a still further embodiment for the situation where it is not possiblefor the wallet issuer 260 to obtain a payment authorization from thepayment processing networks 280 based on the information available tothe wallet issuer 260, the token issuing authority 250 may obtain thepayment authorization. For example, in some embodiments, the walletissuer 260, upon identifying the appropriate payment accountcredential(s) for use in the transaction may pass those payment accountcredential(s) to the token issuing authority 250 (along with the token),thereby allowing the token issuing authority to construct a paymentauthorization message with the information from the pending transactionrecord as well as the payment account credential(s) received from thewallet issuer 260. In either situation, the ability to complete atransaction is based on providing the mobile device 102 and the walletissuer 260 with information usable to identify the transaction (thetoken) as well as information usable to identify the token issuingauthority 250 (the information such as a URL, URI or other data providedwith the token).

As described above, in some embodiments a mobile device 102 may beoperated to obtain a token, and the token may then be provided to amerchant 108 (or to another device or participant in a transaction). Insuch embodiments, it is possible that different entities, systems ordevices may perform different transaction management functions.Reference is now made to FIG. 6 where one illustrative system will bedescribed. As with the embodiment described above in conjunction withFIG. 5, there may be multiple wallet issuers 260 and multiple tokenissuing authorities 250 interacting with multiple transactions involvingmultiple mobile devices 202 and multiple merchants 208 (or other pointsof interaction, such as ATMs, other mobile devices, or the like).

In FIG. 6, a further system diagram is shown depicting portions of asystem 600 in which a consumer operating a mobile device 102 conducts atransaction with a merchant 108. In the illustrated system 600, themobile device 102 operates a payment application (which may have beeninstalled and configured through a process such as that shown in FIG. 4)provided by a wallet issuer 260. In the illustrated system, the mobiledevice 102 obtains the token from a token issuing authority 250 b (inthe transaction labeled as item “1”). In some embodiments, a user anddevice authentication process may occur in conjunction with or prior tointeraction “1” (e.g., where the user and the device are authenticatedby the wallet issuer 260). In some embodiments, when the mobile device102 makes a request for a token from token issuing authority 250 b, itmay also provide information usable by the token issuing authority 250 bto communicate with the mobile device 102 (which will allow the tokenissuing authority 250 b to transmit transaction details to the mobiledevice 102 in a message to be described below and labeled as item “4”).Upon receipt of the request for the token, the token issuing authority250 b may create a pending transaction record associated with the token.In some embodiments, the pending transaction record may includeinformation including a wallet issuer identifier (for use in identifyingthe wallet issuer 260 associated with the mobile payment application ofthe mobile device 102), a customer identifier, and other data associatedwith the pending transaction. Pursuant to some embodiments, the tokengenerated or obtained by the token issuing authority 250 b includesinformation usable to identify token issuing authority 250 b. Asdiscussed above, such information may include a formatted URL string(providing a URL to the token issuing authority 250 b as well as othertransaction related information in some embodiments), a URI basedidentifier, a tokenized string identifier, or the like. The token(including the token value and the information for identifying the tokenissuing authority and, in some embodiments, some additional meta data)is returned to the mobile device 102 for presentation or communicationto the merchant 108.

The mobile device 102 may display or present the token as a QR code (orpresent it via a wireless signal like Bluetooth, NFC or the like) andthe merchant 108 may be may be prompted to capture the token (e.g.,using a scanner or other reader) (shown as the interaction at “2”). Oncecaptured, the merchant 108 may decode the token to obtain theinformation contained therein (shown as the interaction at “3”). In someembodiments, the decoding of the token may involve cooperativeprocessing between the merchant 108 and another entity. The decoding ofthe token can result in any or all of the following: the identificationof the particular token issuing authority 250 b that issued the token,the actual token value, as well as any meta data provided with the tokenvalue.

The merchant 108 may then perform processing to generate and transmit amerchant payment authorization request message to the token issuingauthority 250 b identified in the token (e.g., via interaction “4”). Themerchant payment authorization request message may transmit informationassociated with the pending transaction to the token issuing authority250 b, as well as the token value obtained from the interaction at “2”and “3”. The information may include a merchant identifier, terminalidentifier, transaction amount, and other data associated with thepending transaction.

At this point in the transaction, the token issuing authority 250 b hasa pending transaction record containing the information received fromthe mobile device 102, and pending transaction data containing theinformation received from the merchant 108. The pending transactionrecord may be identified using the token value issued or otherwiseprovided by the token issuing authority 250 b to the mobile device 102(and which was then communicated to the merchant 108). The token issuingauthority 250 b may also have information usable to communicateinformation to the mobile device 102 (e.g., including informationallowing direct communication with the mobile device 102 and/orinformation allowing communication with the mobile device 102 throughthe wallet issuer 260 associated with the mobile device 102, any or allof which information may which may have been obtained in the interactionlabeled as item “1”). However, the token issuing authority 250 b may notknow any information at this point regarding the payment mechanism to beused by the customer. Further, at this point, the mobile device 102 maynot have any transaction details (including information associated withthe merchant, the transaction amount, or the like). In some embodiments,the token issuing authority 250 b causes a further message associatedwith interaction “4” to occur. The further message is a message betweenthe token issuing authority 250 b and the mobile device 102. In someembodiments, this message may be routed through the wallet issuer 260associated with the mobile device 102 as shown in FIG. 6, while otherembodiments may allow direct communication between the token issuingauthority 250 b and the mobile device 102.

Once the mobile device 102 (and, in some embodiments, the wallet issuer260) has information associated with the pending transaction (including,for example, information identifying the merchant 108, the transactionamount, and the like), processing may continue with an interactionlabeled as “5”.

In processing during the interaction shown as item “5”, the walletissuer 260, interacting with the mobile payment application on themobile device 102 may proceed to perform processing to determine whichpayment account(s) of the customer may be used in the transaction. Forexample, the wallet issuer 260, which stores the customer's preferencesand rules, may determine that only several payment accounts of thecustomer are available for use at the merchant (or based on the merchanttype and location). The wallet issuer 260 may interact with the mobilepayment application to inform the customer which payment accounts areavailable for use in the pending transaction and obtain a customerselection of one or more payment accounts for use in completing thetransaction.

Once the customer has selected the desired account and has confirmed oraccepted the transaction on their mobile device 102, processing ofinteraction “5” may proceed where either the mobile device 102, thewallet issuer 260 or a combination of the mobile device 102 and thewallet issuer 260 communicate to obtain a transaction authorization fromone or more payment processing networks 280 for the transaction andprovide the transaction authorization to the appropriate token issuingauthority 250 b. Such interaction at “5” may involve a number ofmessages. For example, once the customer has selected a desired paymentaccount(s) for use in completing the transaction, a message istransmitted identifying the desired payment account(s) to the walletissuer 260 (which message, according to some embodiments, does notinclude actual payment account credentials but rather a proxy oridentifier usable by the wallet issuer 260 to retrieve or identify theactual payment account credentials). The wallet issuer 260 constructs apayment authorization request message with information including: theactual payment account credentials (such as a PAN, account number,validation or verification data, expiry date, etc.), the transactionamount, and the merchant identifier. The payment authorization requestmessage is then transmitted to one or more payment networks forauthorization processing. If the transaction is authorized, the walletissuer 260 may receive an authorization code and authorization responsemessage, which are then transmitted to the appropriate token issuingauthority 250 b along with the token.

The token issuing authority 250 b, upon receipt of the authorizationcode and authorization response, uses the received token to identify thepending transaction record and performs processing (at “6”) to interactwith the merchant 108 to complete the transaction. For example, insituations where the payment is authorized, the token issuing authority250 b may transmit information confirming the transaction wassuccessfully completed so the merchant 108 can cause a transactionreceipt to be printed at the point of interaction. The wallet issuer 260may also cause a transaction receipt or other information to betransmitted to the mobile device 106.

In some situations, it may not be possible for the wallet issuer 260 toobtain a payment authorization from the payment processing networks 280based on the information available to the wallet issuer 260. Forexample, in some embodiments, the token issuing authority 250 may notprovide additional metadata associated with a transaction (such as amerchant identifier and/or a transaction amount), or may not haveprovided the additional transaction information to the mobile device 102and wallet issuer 260 in conjunction with the interaction at “4”. Insuch cases, embodiments may be provided in which further communicationbetween the wallet issuer 260 and the token issuing authority 250 may berequired. For example, in some embodiments, once the wallet issuer 260has obtained a token from the mobile device 102, the wallet issuer 260may establish communication with the token issuing authority 250 toobtain the missing meta data (including, for example, a merchantidentifier and transaction amount). The wallet issuer 260 may thenproceed as above and obtain a payment authorization from the paymentprocessing networks 280.

In a still further embodiment for the situation where it is not possiblefor the wallet issuer 260 to obtain a payment authorization from thepayment processing networks 280 based on the information available tothe wallet issuer 260, the token issuing authority 250 may obtain thepayment authorization. For example, in some embodiments, the walletissuer 260, upon identifying the appropriate payment accountcredential(s) for use in the transaction may pass those payment accountcredential(s) to the token issuing authority 250 (along with the token),thereby allowing the token issuing authority to construct a paymentauthorization message with the information from the pending transactionrecord as well as the payment account credential(s) received from thewallet issuer 260. In either situation, the ability to complete atransaction is based on providing the mobile device 102 and the walletissuer 260 with information usable to identify the transaction (thetoken) as well as information usable to identify the token issuingauthority 250 (the information such as a URL, URI or other data providedwith the token).

Embodiments allow processing to occur in systems having multipletransaction management systems and further to allow processing to occurin systems having multiple entities performing different aspects oftransaction management (such as wallet issuers and token issuance) andallow mobile devices to easily and efficiently identify whichtransaction management system (or other device or entity) to communicatewith as well as the path or communication channel to use to interactwith the relevant transaction management system (or other device orentity) for each specific transaction.

In this manner, embodiments allow a wide variety of differenttransaction management systems and other entities and devices to be usedin a payment system of the present invention, and allow mobile devicesparticipating in the payment system to correctly identify and determinewhich transaction management system (or other device or entity) tocommunicate with to complete a transaction pursuant to the presentinvention based on information captured in a checkout token obtained ata point of transaction.

The above descriptions of processes herein should not be considered toimply a fixed order for performing the process steps. Rather, theprocess steps may be performed in any order that is practicable,including simultaneous performance of at least some steps. Although thepresent invention has been described in connection with specificexemplary embodiments, it should be understood that various changes,substitutions, and alterations apparent to those skilled in the art canbe made to the disclosed embodiments without departing from the spiritand scope of the invention as set forth in the appended claims.

1. A computer system, comprising: a non-transitory memory storinginstructions; and one or more hardware processors coupled to thenon-transitory memory and configured to read the instructions from thenon-transitory memory to cause the system to perform operationscomprising: generating a token comprising an address of a server to usein completing a transaction; and providing the generated token to adevice of another party to allow the device to complete the transaction,at least in part, by transmitting the token to the server via theaddress.
 2. The computer system of claim 1, wherein the address is aUniform Resource Locator (URL) encoded in the token.
 3. The computersystem of claim 1, wherein the address is a Uniform Resource Indicator(URI) encoded in the token.
 4. The computer system of claim 1, whereinthe device transmits the token to the server via the address to completethe transaction.
 5. The computer system of claim 1, wherein the tokenfurther comprises a token value associated with the transaction.
 6. Thecomputer system of claim 1, wherein the server is associated with one ofa plurality of different providers that perform transaction processing.7. The computer system of claim 1, wherein the token is generated aspart of initiating a transaction between two parties.
 8. Anon-transitory machine-readable medium having stored thereonmachine-readable instructions executable to cause a machine to performoperations comprising: generating a token comprising an address of aserver to use in completing a transaction; and providing the generatedtoken to a device of another party to allow the device to complete thetransaction, at least in part, by transmitting the token to the servervia the address.
 9. The non-transitory machine-readable medium of claim8, wherein the address is a Uniform Resource Locator (URL) encoded inthe token.
 10. The non-transitory machine-readable medium of claim 8,wherein the address is a Uniform Resource Indicator (URI) encoded in thetoken.
 11. The non-transitory machine-readable medium of claim 8,wherein the device transmits the token to the server via the address tocomplete the transaction.
 12. The non-transitory machine-readable mediumof claim 8, wherein the token further comprises a token value associatedwith the transaction.
 13. The non-transitory machine-readable medium ofclaim 8, wherein the server is associated with one of a plurality ofdifferent providers that perform transaction processing.
 14. Thenon-transitory machine-readable medium of claim 8, wherein the token isgenerated as part of initiating a transaction between two parties.
 15. Acomputer-implemented method for conducting a transaction involvingmultiple parties, comprising: receiving, a token comprising an addressof a server to use in completing a transaction; and transmitting thetoken to the server via the address to complete the transaction.
 16. Thecomputer-implemented method of claim 15, wherein the address is aUniform Resource Locator (URL) encoded in the token.
 17. Thecomputer-implemented method of claim 15, wherein the address is aUniform Resource Indicator (URI) encoded in the token.
 18. Thecomputer-implemented method of claim 15, wherein a user device receivesthe token from a second device during a pending transaction involvingeach of the devices.
 19. The computer-implemented method of claim 15,wherein the token further comprises a token value associated with thetransaction.
 20. The computer-implemented method of claim 15, whereinthe server is associated with one of a plurality of different providersthat perform transaction processing.